Lucene search
K

18337 matches found

OSV
OSV
added 2026/06/11 9:12 a.m.5 views

SUSE-SU-2026:2366-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...

9.1CVSS5.3AI score0.01335EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

Debian dsa-6337 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6337 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6337-1 [email protected]...

9.6CVSS6.6AI score0.01654EPSS
Exploits4References151
Debian CVE
Debian CVE
added 2026/06/10 9:22 p.m.10 views

CVE-2026-46523

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue...

7.5CVSS5.4AI score0.00301EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/09 5:43 p.m.35 views

CVE-2026-34703 InDesign Desktop | NULL Pointer Dereference (CWE-476)

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this...

5.5CVSS0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin Slider Revolution 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 3:5 p.m.13 views

CLEANSTART-2026-PD78752 Security fixes for CVE-2025-11579, CVE-2026-21726, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32281, CVE-2026-32283, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-33810, CVE-2026-33997, CVE-2026-34040, CVE-2026-34165, CVE-2026-34986, CVE-2026-39821, CVE-2026-39882, CVE-2026-39883, CVE-2026-41506, CVE-2026-41602, CVE-2026-45022, ghsa-37cx-329c-33x3, ghsa-3xc5-wrhm-f963, ghsa-497x-rrr9-68jp, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr, ghsa-w5pp-99ch-qj29, ghsa-w8rr-5gcm-pp58, ghsa-wf45-q9ch-q8gh, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.2-r0, 1.14.2-r1, 1.15.1-r1, 1.16.0-r0, 1.16.1-r0

Multiple security vulnerabilities affect the grafana-alloy package. These issues are resolved in later releases. See references for individual vulnerability details...

9.6CVSS8AI score0.08123EPSS
Exploits5References52
OSV
OSV
added 2026/06/08 1:21 p.m.12 views

CLEANSTART-2026-RR82368 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-2332, CVE-2026-24515, CVE-2026-25210, CVE-2026-25646, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5, 3.7.2-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS7.8AI score0.01127EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2026:2115-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2115-1 advisory. This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names...

9.8CVSS5.7AI score0.01335EPSS
Exploits1References37
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.11 views

CVE-2026-4643

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server or plugin to crash the desktop client via invoking window.close in the renderer context, leading to...

3.5CVSS5.5AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.12 views

CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 6:24 p.m.11 views

OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

9.8CVSS6.9AI score0.005EPSS
Exploits17References83
Vulnrichment
Vulnrichment
added 2026/06/04 4:7 p.m.9 views

CVE-2026-49940 Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

5.8AI score0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 5:43 a.m.45 views

CVE-2026-49192 Summary Service Insecure Direct Object Reference

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.3CVSS0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 5:43 a.m.8 views

CVE-2026-49192 Summary Service Insecure Direct Object Reference

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.3CVSS5.8AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:43 a.m.6 views

CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.3CVSS5.8AI score0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 5:43 a.m.29 views

CVE-2026-49192

Technical details for CVE-2026-49192 are not publicly available in the provided documents. Monitor for updates on affected products, exposed data, and remediation.

5.4CVSS5.8AI score0.00138EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/04 2:23 a.m.10 views

SUSE CVE-2026-45155

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...

2.6CVSS5.7AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46150

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.3CVSS5.8AI score0.00138EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2026/06/03 12:16 p.m.40 views

Keep getting calls from questionable numbers? Meet Scam Number Check

Have you ever gotten a phone call and had a gut feeling that those random digits looked extra suspicious? It happens to millions of people every day. While many people have trained themselves to ignore such calls, they still pose a threat across the US. In fact, scammers stole more than $21 billi...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the use of static authentication random numbers, which may allow attackers to recover the plaintext...

7.3CVSS5.4AI score0.00166EPSS
Exploits0References1
Rows per page
Query Builder